• Messages sorted by: [ date ][ thread ][ subject ][ author ] [ Next ]
• [ Previous ] In reply to: shapj@us.ibm.com

shapj@us.ibm.com wrote:
>
> > That was the obvious answer. But how do you protect the private key from
> > abuse?
>
> That's what the tamper-proof hardware is for. I'm missing something.

What you are missing (or I am) is that you neglected to mention that tamper-proof hardware was involved (or I missed you mentioning it). Clearly its trivial to trust software that runs on tamper-proof hardware.

Ah, right. I remember now. We were talking about trusting a _remote_ system. How do we ascertain that it is, in fact, running on tamper-proof hardware? Or are you going to say that the software is burnt into the tamper-proof hardware, and therefore cannot run on anything else, and hence all we need to do is verify that the software is the software we think it is (and make sure no-one ever manages to get an image [oops, major security hole here])?

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi

[ Next ]
• [ Previous ] In reply to: shapj@us.ibm.com